package com.bdqn.crm.config.shiro;

import org.springframework.context.annotation.Bean;

/**
 * @Author：南小楠
 */
public class ShiroConfig {
    @Bean
    public MyShiroRealm myShiroRealm(){ //自定义Realm
        MyShiroRealm shiroRealm = new MyShiroRealm();
        return shiroRealm;
        }
        @Bean
        public <DefaultWebSecurityManager> SecurityManager securityManager(){ //安全管理器 SecurityManager
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        // 注入Realm
         securityManager.setRealm(myShiroRealm());
         return (SecurityManager) securityManager;
    }
    @Bean
    public <ShiroFilterFactoryBean> ShiroFilterFactoryBean shiroFilterFactory(SecurityManager securityManager){//Shiro过滤器：权限验证
        ShiroFilterFactoryBean shiroFilterFactory = new ShiroFilterFactoryBean();
        //注入SecurityManager
        shiroFilterFactory.setSecurityManager(securityManager);
        // 权限验证：使用Filter控制资源(URL)的访问 
        // 本次课暂不设置过滤器进行权限验证，下章再学习
       return shiroFilterFactory;
    }
}
